CloudFlair vs CloudSploit

GitHub Stats

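Stars: 2.9k (CloudFlair), 3.7k (CloudSploit)
Forks: 380 (CloudFlair), 739 (CloudSploit)
Issues: 11 (CloudFlair), 207 (CloudSploit)
Updated: 11mo ago (CloudFlair), 1mo ago (CloudSploit)
License: - (CloudFlair), GPL-3.0 (CloudSploit)
Language: Python (CloudFlair), JavaScript (CloudSploit)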

About CloudFlair

CloudFlair is a tool for finding origin servers of websites protected by Cloudflare, using Internet-wide scan data from Censys. When a website uses Cloudflare as a reverse proxy, the actual origin server's IP address is hidden. CloudFlair works by searching Censys for IPv4 hosts that present an SSL certificate associated with the target domain, then checking each candidate to see if it responds with the same content as the Cloudflare-protected site. This technique is effective because many administrators configure SSL certificates on their origin servers that match the domain they're protecting, but forget to restrict direct IP access. It's a valuable tool for penetration testers looking to bypass Cloudflare's WAF and DDoS protection.

About CloudSploit

CloudSploit is an open-source security configuration scanner for cloud environments, including AWS, Azure, GCP, and Oracle Cloud. It detects misconfigurations and security risks by analyzing cloud service settings against best practices. Written in JavaScript, CloudSploit is used by security teams to identify vulnerabilities in cloud infrastructure and ensure compliance with security standards. Its comprehensive coverage makes it a critical tool for cloud security monitoring.

Platform Support

CloudFlair: 🐧 linux, 🍎 macos, 🪟 windows
CloudSploit: 🐧 linux, 🍎 macos, 🪟 windows

Tags

CloudFlair only

cloudflare, origin-ip, censys, bypass, waf-evasion

CloudSploit only

cloud-security, misconfiguration, aws, azure